Non-inline non-proxy based web filtering system with user notification WAFerS

Date of Publication


Document Type

Bachelor's Thesis

Degree Name

Bachelor of Science in Computer Science


College of Computer Studies


Computer Science

Thesis Adviser

Gregory G. Cu

Defense Panel Chair

Arlyn Verina L. Ong

Defense Panel Member

Isaac Herculano S. Sabas
Miguel Alberto N.M. Gomez


Web filtering systems are network applications that are tasked to ensure that end users are only able to access websites they are allowed to as defined by a web access policy. However, certain flaws inherent to the designs of currently available web filtering solutions can negatively affect the availability and performance of a network. Inline implementations, where the web filtering appliance is placed directly on the path between the users and the Internet, suffer from being possible singular points of failure. These, as with the case of proxy based solutions, which initiate outbound connections on behalf of end user machines, may also contributed to increased network latency and thus become bottlenecks. This study discusses a non-inline non-proxy based web filter systems that address the aforementioned flaws in current systems. In order to do this, the system make use of TCP Reset packets in terminating connections to supposedly blocked websites while spoofing is done in order to deliver notifications of blocked content to end users. RADIUS authentication, Syslog reporting, and a web-based management interface are also features of the developed system. Tests have been conducted in order to verify the functionalities of the system. Results show that the system can indeed terminate connections and deliver user notification. The system also contributed no significant latency when compared with other web filtering system types.

Abstract Format






Accession Number


Shelf Location

Archives, The Learning Commons, 12F, Henry Sy Sr. Hall

Physical Description

1 v. (various foliations) : ill. (some col.) ; 28 cm.

This document is currently not available here.